The key is the "LOGINDISABLED".
By default, UW imapd will not permit plaintext password authentication on
an unencrypted IMAP session. To log in, you must do one of the following:
. negotiate TLS encryption (STARTTLS command on port 143 server)
. negotiate SSL encryption (port 993 server)
. use a non-plaintext means of authentication, such as Kerberos or
To build UW imapd so it permits plaintext password authentication on
unencrypted IMAP sessions, read the imap-200?/docs/BUILD and
imap-200?/docs/SSLBUILD files. Note, however, that doing plaintext
password authentication on an unencrypted IMAP session is the m ***
equivalent of reading your credit card number and expiration date on a pay
phone in an airport; anyone can eavesdrop upon you and thus steal your
Unencrypted sessions have another problem; it is trivial to hijack the
session and once seized use your authenticated session for nefarious
purposes. In general, it's better to use encrypted sessions exclusively.
-- Mark --
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.